Information technology thrives on providing content to users. However, any practical implementation involving content for the enterprise requires that access be limited to authorized users only.
Access control lists can be implemented to specify those users who are authorized to access content. When content is requested, the access control list can be checked. However, as the amount of content grows and the number of users increases, it can become burdensome to perform such authorization checks.
If a very large number of content pieces are involved, the process of determining whether a user is authorized for the content can consume considerable resources, leading to performance degradation. There is therefore room for improvement.